Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-3644

CWE-20 — Improper Input Validation4 documents4 sources

Severity

8.4HIGH

EPSS

29.0%

top 3.43%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Symantec Advanced Threat Protection Symantec Csapi Symantec Mail Security FOR Domino +11 more

Timeline

PublishedJun 30

Latest updateMay 13

Description

The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS…

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.5 | Impact: 5.9

Affected Packages12 packages

▶NVDsymantec/norton_security13.0.1

▶NVDsymantec/norton_bootable_removal_tool2016.0

▶NVDsymantec/data_center_security_server6.0, 6.5, 6.6+2

▶NVDsymantec/norton_power_eraser5.0

▶NVDsymantec/endpoint_protection12.1.6

🔴Vulnerability Details

GHSA

GHSA-wfm7-r3q4-448q: The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6↗2022-05-13

▶

CVEList

CVE-2016-3644: The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6↗2016-06-30

▶

💥Exploits & PoCs

Exploit-DB

Symantec AntiVirus - Heap Overflow Modifying MIME Messages↗2016-06-29

▶